package com.sundablog.controller.backend.login;

import java.io.IOException;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.sundablog.pojo.AdminUser;
import com.sundablog.result.BaseResult;
import com.sundablog.service.backend.system.upms.user.UserService;
import com.sundablog.utlis.CaptchaUtil;

import com.sundablog.utlis.RedisUtil;

import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.digest.DigestUtil;

/**
 * 登录控制器
 * @ClassName:  LoginController   
 * @Description:登录控制器  
 * @author: 哒哒 
 * @date:   2018年3月18日 下午12:45:41   
 *     
 * @Copyright: 2018 www.sundablog.com Inc. All rights reserved.
 */
@Controller
public class LoginController {
	
	@Autowired
	private UserService userService;
	
	/**
	 * 登入界面显示
	 * @Title: login   
	 * @Description: TODO(这里用一句话描述这个方法的作用)   
	 * @param: @return      
	 * @return: String      
	 * @throws
	 */
	@RequestMapping(value= {"/","/login"})
	public String login() {
		return "/login/login";
	}
	
	/**
	 * 验证码   
	 * @Title: code   
	 * @Description: TODO(这里用一句话描述这个方法的作用)   
	 * @param: @param request
	 * @param: @param response
	 * @param: @param session
	 * @param: @throws IOException      
	 * @return: void      
	 * @throws
	 */
	@RequestMapping("/captcha")
	public void code(HttpServletRequest request, HttpServletResponse response) throws IOException {

		// 设置响应的类型格式为图片格式
		response.setContentType("image/jpeg");
		response.setHeader("Pragma", "no-cache");
		response.setHeader("Cache-Control", "no-cache");
		response.setDateHeader("Expires", 0);
		// 自定义参数
		CaptchaUtil code = new CaptchaUtil(156, 38, 4, 4);
		request.getSession().setAttribute("validateCode", code.getCode());
		code.write(response.getOutputStream());
		System.err.println(request);
	
	}
	
	/**
	 * 登录
	 * @Title: loginClick   
	 * @Description: TODO(这里用一句话描述这个方法的作用)   
	 * @param: @param userName
	 * @param: @param password
	 * @param: @param verificationCode
	 * @param: @return
	 * @param: @throws DisabledAccountException      
	 * @return: BaseResult      
	 * @throws
	 */
	@RequestMapping("/loginClick")
	@ResponseBody
	public BaseResult loginClick(String userName, String password, String verificationCode,HttpServletRequest request)
			throws DisabledAccountException {
		String captcha = (String)request.getSession().getAttribute("validateCode");
		if (StrUtil.isEmpty(verificationCode)) {
			return BaseResult.build(209, "验证码错误");
		} else {
			if (captcha.equals(verificationCode)) {
				/**
				 * 获得当前用户对象,状态为“未认证”
				 */
				Subject subject = SecurityUtils.getSubject();
				AdminUser adminUser = userService.selectAdminUserByUserName(userName);
				if (1 == adminUser.getLocked().intValue()) {
					return BaseResult.build(202, "账户以及被锁定");
				}
				AuthenticationToken token = new UsernamePasswordToken(userName,
						DigestUtil.md5Hex(password + adminUser.getSalt()));// 创建用户名密码令牌对象
				
				try {
					subject.login(token);
					return BaseResult.ok();
				} catch (AuthenticationException e) {
					return BaseResult.build(203, "用户名密码错误");
				}
				
			} else {
				//验证码错误
				return BaseResult.build(204, "验证码错误");
			}
		}
	}
	
	
	
	
	/**
	 * 退出
	 * @Title: quit   
	 * @Description: TODO(这里用一句话描述这个方法的作用)   
	 * @param: @return      
	 * @return: BaseResult      
	 * @throws
	 */
	@RequestMapping("/quit")
	@ResponseBody
	public BaseResult quit() {
		Subject subject = SecurityUtils.getSubject();
		try {
			subject.logout();
			return BaseResult.ok();
		} catch (Exception e) {
			return BaseResult.build(201, "退出失败");
		}
	}
	
}
